FKIE_CVE-2017-11145

Vulnerability from fkie_nvd - Published: 2017-07-10 14:29 - Updated: 2025-04-20 01:37
Summary
In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, an error in the date extension's timelib_meridian parsing code could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: the correct fix is in the e8b7698f5ee757ce2c8bd10a192a491a498f891c commit, not the bd77ac90d3bdf31ce2a5251ad92e9e75 gist.
References
cve@mitre.org - http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=e8b7698f5ee757ce2c8bd10a192a491a498f891c
cve@mitre.org - http://openwall.com/lists/oss-security/2017/07/10/6 - Mailing List, Third Party Advisory
cve@mitre.org - http://php.net/ChangeLog-5.php - Release Notes, Vendor Advisory
cve@mitre.org - http://php.net/ChangeLog-7.php - Release Notes, Vendor Advisory
cve@mitre.org - http://www.securityfocus.com/bid/99550
cve@mitre.org - https://access.redhat.com/errata/RHSA-2018:1296
cve@mitre.org - https://bugs.php.net/bug.php?id=74819 - Third Party Advisory
cve@mitre.org - https://gist.github.com/anonymous/bd77ac90d3bdf31ce2a5251ad92e9e75 - Patch, Third Party Advisory
cve@mitre.org - https://security.netapp.com/advisory/ntap-20180112-0001/
cve@mitre.org - https://www.debian.org/security/2018/dsa-4080
cve@mitre.org - https://www.debian.org/security/2018/dsa-4081
cve@mitre.org - https://www.tenable.com/security/tns-2017-12
af854a3a-2127-422b-91ae-364da2661108 - http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=e8b7698f5ee757ce2c8bd10a192a491a498f891c
af854a3a-2127-422b-91ae-364da2661108 - http://openwall.com/lists/oss-security/2017/07/10/6 - Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 - http://php.net/ChangeLog-5.php - Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 - http://php.net/ChangeLog-7.php - Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 - http://www.securityfocus.com/bid/99550
af854a3a-2127-422b-91ae-364da2661108 - https://access.redhat.com/errata/RHSA-2018:1296
af854a3a-2127-422b-91ae-364da2661108 - https://bugs.php.net/bug.php?id=74819 - Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 - https://gist.github.com/anonymous/bd77ac90d3bdf31ce2a5251ad92e9e75 - Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 - https://security.netapp.com/advisory/ntap-20180112-0001/
af854a3a-2127-422b-91ae-364da2661108 - https://www.debian.org/security/2018/dsa-4080
af854a3a-2127-422b-91ae-364da2661108 - https://www.debian.org/security/2018/dsa-4081
af854a3a-2127-422b-91ae-364da2661108 - https://www.tenable.com/security/tns-2017-12
Impacted products
Vendor Product Version
php php *
php php 7.0.0
php php 7.0.1
php php 7.0.2
php php 7.0.3
php php 7.0.4
php php 7.0.5
php php 7.0.6
php php 7.0.7
php php 7.0.8
php php 7.0.9
php php 7.0.10
php php 7.0.11
php php 7.0.12
php php 7.0.13
php php 7.0.14
php php 7.0.15
php php 7.0.16
php php 7.0.17
php php 7.0.18
php php 7.0.19
php php 7.0.20
php php 7.1.0
php php 7.1.1
php php 7.1.2
php php 7.1.3
php php 7.1.4
php php 7.1.5
php php 7.1.6

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "399EA21A-9B46-4F4F-9A33-4DC557B11743",
              "versionEndIncluding": "5.6.30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB6890AF-8A0A-46EE-AAD5-CF9AAE14A321",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B90B947-7B54-47F3-9637-2F4AC44079EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "35848414-BD5D-4164-84DC-61ABBB1C4152",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B1F8402-8551-4F66-A9A7-81D472AB058E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A773E8E-48CD-4D35-A0FD-629BD9334486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC492340-79AF-4676-A161-079A97EC6F0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1C2D8FE-C380-4B43-B634-A3DBA4700A71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EB58393-0C10-413C-8D95-6BAA8BC19A1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "751F51CA-9D88-4971-A6EC-8C0B72E8E22B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B74118-8FC2-44CB-9673-A83DF777B2E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D56A200-1477-40DA-9444-CFC946157C69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD0D1CCC-A857-4C15-899E-08F9255CEE34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "6745CC43-2836-4CD8-848F-EEA08AE9D5AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BEB6696-14F9-4D9B-9974-B682FFBB828E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "04146390-021D-4147-9830-9EAA90D120A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B124547-DC1D-4A92-B8AB-8A1900063786",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "F45B2127-CF3D-4D59-9042-AE6DF2908319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "29A450E3-931F-4487-A76D-80A38210297A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "C099A0C4-883D-42ED-8359-FFD3ADD692A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABD07432-5A23-491E-892E-42F0F58307D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "19627ECC-9342-4917-8FCC-7757339E3242",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C68AA43-ED90-4B98-A5F8-4E210C2CC7CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2466D297-9442-40B0-A1A7-F9D166396CF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EADBF7EE-18DC-49F9-BF2F-A09BBAE76F45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1726E9B6-A7FA-402B-A911-0CE81C623087",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3670FF7-2CA3-41A4-92FE-0123497E4E87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C22CE03-DFE5-4CD3-B229-10B219A55434",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:7.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C258AF27-84DF-4FC3-A651-1349BB567FB9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, an error in the date extension\u0027s timelib_meridian parsing code could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: the correct fix is in the e8b7698f5ee757ce2c8bd10a192a491a498f891c commit, not the bd77ac90d3bdf31ce2a5251ad92e9e75 gist."
    },
    {
      "lang": "es",
      "value": "En PHP anterior a versi\u00f3n 5.6.31, versi\u00f3n 7.x anterior a 7.0.21, y versi\u00f3n 7.1.x anterior a 7.1.7, un error en el c\u00f3digo de an\u00e1lisis timelib_meridian de la extensi\u00f3n de fecha podr\u00eda ser utilizado por los atacantes capaces de proporcionar cadenas de fecha para filtrar informaci\u00f3n del int\u00e9rprete, relacionada con el archivo ext/date/lib/parse_date.c y vulnerabilidad de lectura fuera de l\u00edmites que afectan a la funci\u00f3n php_parse_date. NOTA: la correcci\u00f3n apropiada est\u00e1 en la commit e8b7698f5ee757ce2c8bd10a192a491a498f891c, no en la gist bd77ac90d3bdf31ce2a5251ad92e9e75."
    }
  ],
  "id": "CVE-2017-11145",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-07-10T14:29:00.637",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=e8b7698f5ee757ce2c8bd10a192a491a498f891c"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://openwall.com/lists/oss-security/2017/07/10/6"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "http://php.net/ChangeLog-5.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "http://php.net/ChangeLog-7.php"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/99550"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2018:1296"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://bugs.php.net/bug.php?id=74819"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://gist.github.com/anonymous/bd77ac90d3bdf31ce2a5251ad92e9e75"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://security.netapp.com/advisory/ntap-20180112-0001/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.debian.org/security/2018/dsa-4080"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.debian.org/security/2018/dsa-4081"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.tenable.com/security/tns-2017-12"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=e8b7698f5ee757ce2c8bd10a192a491a498f891c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://openwall.com/lists/oss-security/2017/07/10/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "http://php.net/ChangeLog-5.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "http://php.net/ChangeLog-7.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/99550"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2018:1296"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://bugs.php.net/bug.php?id=74819"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://gist.github.com/anonymous/bd77ac90d3bdf31ce2a5251ad92e9e75"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.netapp.com/advisory/ntap-20180112-0001/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.debian.org/security/2018/dsa-4080"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.debian.org/security/2018/dsa-4081"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.tenable.com/security/tns-2017-12"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

